EBA’s decision was in response to concerns about industry readiness to apply SCA to e-commerce card transactions, and to minimise potential disruption to consumers and merchants.We encourage all ASPSPs to make use of Article 10 of the SCA-RTS.Contactless charitable donations are typically made using offline terminals without functionality to support PIN entry if a transaction is stepped-up for authentication. We have agreed to give firms extra time to implement these rules in some circumstances. In its guidance on SCA, updated for the COVID-19 Crisis, the FCA has set out the following guidance:This recent update to the FCA's SCA guidance page demonstrates the FCA’s alert and responsive approach to the impact of the COVID-19 crisis on firms currently applying or working to apply SCA, and that the current crisis may impact firms implementing SCA. We encourage use of the Open Banking Implementation Entity’s transparency calendar for this purpose. On 31 March 2020, the FCA updated its guidance to firms on Strong Customer Authentication (SCA) in light of the possible disruption to the implementation of SCA and the high risk of fraud during the Coronavirus (COVID-19) crisis.The FCA will show forbearance on a case-by-case basis for firms which have yet to fully implement SCA in online banking. This is either by a dedicated interface based on application programming interface standards (APIs) or a modified customer interface (MCI). The FCA will take into account a firm's current security measures on customer online access and payments, processes in place to reduce and protect customers from fraud, and the impact of the current circumstances on a firm’s ability to implement SCA for online banking.The FCA has asked that firms to contact them as soon as possible if they are facing difficulties with implementing SCA according to the required deadlines. The Financial Conduct Authority (FCA) has responded to the European Banking Authority’s (EBA) opinion on Strong Customer Authentication (SCA), agreeing that some firms will be given extra time to implement the rules. Payments and e-commerce market participants may be breathing a huge sigh of relief as the Financial Conduct Authority (FCA) has agreed a plan that gives the industry extra time to implement the Strong Customer Authentication (SCA) rules. On 30 April 2020, the FCA published a new web page setting out a statement regarding strong customer authentication and coronavirus.. If this is not the case, or where firms are facing difficulties, we expect them to discuss with us as priority.However, where an ASPSP is providing access to TPPs through APIs, and did not have all payment accounts accessible by APIs on or before 14 June 2019, it should keep existing screen-scraping channels available during the adjustment period.
For firms that haven’t met the requirements, and are facing further delays due to coronavirus, we will consider on a case-by-case basis the appropriate further measures.We previously announced that the European Banking Authority (EBA) accepted that the FCA and other National Competent Authorities may give some firms extra time to implement SCA. The new regime of strong customer authentication or SCA means that banks must identify every customer using at least two of these independent factors: something only you know (a password or Pin) something only you possess (a card reader or registered mobile device) and something only you are (a digital fingerprint or voice pattern). The UK’s Financial Conduct Authority (FCA) has delayed the implementation of Strong Customer Authentication (SCA).